Privacy Policy

Introduction

Welcome to our Applicant Tracking System (ATS). Your privacy is important to us, and we are committed to protecting the personal information you share with us in compliance with the General Data Protection Regulation (The Data Protection Act 2018). This Privacy Policy explains how we collect, use, and retain your personal data when you use our ATS, and outlines your rights under The Data Protection Act 2018.

By using our ATS, you consent to the collection, use, and retention of your personal information as described in this Privacy Policy. If you do not agree with this policy, please do not use our ATS.

Data Controller

The data controller responsible for your personal data is:

  • Company name: Brandon Trust
  • Email: dpo@brandontrust.org
  • Phone: 0117 907 7200
  • Address:  Draycott House, Almondsbury Business Centre, Bradley Stoke BS32 4QH

Legal basis for processing

Under The Data Protection Act 2018, we are required to inform you of the legal basis for processing your personal data. We process your data based on the following legal grounds:

  • Performance of a contract: Processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract (e.g., processing your job application).
  • Legitimate interests: Processing is necessary for our legitimate interests in managing our recruitment process, provided those interests are not overridden by your rights and interests.
  • Consent: Where applicable, we may rely on your consent to process specific types of personal data. You have the right to withdraw your consent at any time.
  • Legal obligations: Processing is necessary to comply with our legal obligations, such as employment laws and regulations.

Information we collect

We collect various types of information from you when you apply for a job or interact with our ATS. This includes but is not limited to:

  1. Personal Information
  • Name
  • Email address
  • Phone number
  • Address
  • Date of birth
  • Diversity data such as gender, ethnicity, marital status (this data is anonymised)
  • CV
  • Employment history
  • Educational background
  • References
  • Skills and qualifications
  • Professional certifications
  • Relevant medical information

2. Application Information

  • Job role applied for
  • Application status
  • Interview feedback
  • Assessment results

3. Technical information

  • IP Address
  • Browser type
  • Operating system
  • Log data

How we use your information

The information we collect is used for the following purposes:

  • Recruitment process: To process your job application, evaluate your qualifications, and communicate with you about the recruitment process.
  • Verification: To verify the information provided in your application, including contacting references and conducting background checks.
  • Communication: To inform you of your application status, interview schedules, and any other relevant recruitment-related communication.
  • Improvement: To improve our recruitment processes and ATS functionality.
  • Legal compliance: To comply with legal obligations, including employment laws and regulations.
  • Diversity monitoring: To promote and ensure diversity and inclusion within our recruitment process, in line with our commitment to equal opportunity and fair hiring practices.

Data retention

We will retain your personal data for a period of 12 months from the date of your last interaction with our ATS. This retention period allows us to maintain a pool of qualified candidates for future job openings and to comply with legal obligations.

After 12 months, your personal data will be securely deleted or anonymised so that it can no longer be associated with you, unless:

  • You are hired, in which case your data will be transferred to our employee records and retained in accordance with our employee privacy policy.
  • You have provided explicit consent to retain your data for a longer period.
  • We are required to retain your data for a longer period to comply with legal or statutory obligations or resolve disputes.

Data sharing and international transfers

We may share your personal data with third parties under the following circumstances:

  • Service providers: We may share your data with third-party service providers who assist us in the recruitment process, such as background check agencies or interview scheduling platforms. These service providers are required to protect your data in accordance with this Privacy Policy.
  • Legal requirements: We may disclose your data to comply with legal obligations, court orders, or government requests.
  • Business transfers: In the event of a merger, acquisition, or sale of assets, your personal data may be transferred to the new entity.
  • International transfers: If your personal data is transferred outside the European Economic Area (EEA), we will ensure that the transfer is subject to appropriate safeguards, such as Standard Contractual Clauses approved by the European Commission, to protect your rights.

Data security

We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it from unauthorised access, disclosure, alteration, or destruction. However, please note that no method of transmission over the internet or electronic storage is 100% secure.

Your rights under The Data Protection Act 2018

Under The Data Protection Act 2018, you have the following rights regarding your personal data:

  • Access: You have the right to request access to the personal data we hold about you.
  • Correction: You have the right to request the correction of any inaccurate or incomplete data.
  • Deletion: You have the right to request the deletion of your data, subject to certain conditions.
  • Restriction: You have the right to request the restriction of processing under certain circumstances.
  • Objection: You have the right to object to the processing of your data based on legitimate interests or direct marketing.
  • Data portability: You have the right to request a copy of your data in a structured, commonly used, and machine-readable format and to transfer that data to another data controller.
  • Withdraw consent: If processing is based on consent, you have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

To exercise any of these rights, please contact us using the contact information provided below. We will respond to your request within one month, as required by The Data Protection Act 2018

Complaints

If you believe that we have not complied with The Data Protection Act 2018 in relation to your personal data, you have the right to lodge a complaint with a supervisory authority. In the United Kingdom, this is the Information Commissioner's Office (ICO).

If you are based in another EU Member State, you may lodge a complaint with the supervisory authority in your country of residence, place of work, or where the alleged infringement occurred. We encourage you to contact us first so that we can address your concerns directly.

Changes to this privacy policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or other factors. We will notify you of any significant changes by posting the new policy on our ATS and indicating the date of the latest revision.

Contact us

If you have any questions or concerns about this Privacy Policy or how we handle your personal data, please contact us at:

  • Email: dpo@brandontrust.org
  • Phone: 0117 907 7200
  • Address:  Draycott House, Almondsbury Business Centre, Bradley Stoke BS32 4QH

By using our ATS, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.